<html>
<head>
<title>Read Remote page via cssText after redirect</title>
<link rel="stylesheet" type="text/css" href="/redirect?loc=http://victim.com/forbidden.html">
<script type="text/javascript" src="/shared/scripts/utils.js"></script>
<script type="text/javascript" src="/shared/scripts/testcase.js"></script>
<script type="text/javascript">
if (window.addEventListener) {
	window.addEventListener('load', f, false);
} else if (window.attachEvent) {
	window.attachEvent('onload', f);
} else {
	window.onload = f;
}


function f() {
	var tc = new TestCase();
	tc.input = 'cross_origin = document.styleSheets[0]; cross_origin.cssRules[0].cssText;';
	tc.description = 'Read Remote page via cssText after redirect';
	tc.expected_result = "null, '' or exception occurred";
	tc.test_passed = 'false';
	
	// see if we can read x-origin cssText.
	try {
		var sheet1 = document.styleSheets[0];
		tc.output += "\r\nCross Origin\r\n";
		if (sheet1 == null || 
			sheet1.cssRules == null ||
			sheet1.cssRules[0].cssText == null) {
			
			tc.output += 'null';
			tc.result = 'null';
			tc.test_passed = 'true';
		} else {
			tc.output += sheet1.cssText + '\n';
			tc.output += str_object_props(sheet1.cssRules[0].cssText);
			tc.result = 'not null';
		}
	} catch(e) {
		tc.output += tc.outputException(e);
		tc.result = "exception occurred";
		tc.test_passed = 'true';
	}
	tc.saveTest();
}
</script>
</head>
<body>
</body>
</html>